California shoppers at the Lucky supermarket chain felt anything but lucky after discovering that their credit card information may have been hacked.
Until now, the only frustrations found in checkout lines came from people who steer overflowing shopping carts into the express lane. But the convenience afforded by paying for purchases with a quick swipe of a credit or debit card has created yet another means for criminals to empty your bank account. At least 80 at-risk accounts have been identified from more than 20 stores, and the supermarket chain has gotten calls from more than 500 calls from concerned customers.
The culprit has still not been identified, but the method used points to an inside job, according to Lucky executives. Some of the stores’ credit card machines were altered were devices called “sniffers,” extra computer boards that capture credit and debit card numbers.
Customers are now being advised to close their bank and credit card accounts.
Bill Kalogeros, a security software consultant, believes the risk can be traced to inadequate security measures. “The problem is, the card industry itself can’t spend the money for full encryption,” he said. That’s a rather provocative statement, and the millions of cardholders around the country may wonder why such protection cannot be provided.
Full encryption is certainly possible for most companies, though it is not always implemented in time to stop the kind of damage that Lucky stores are contending with now. And, just as with so many other security breaches that have made the news, it’s the attacks with their origin from inside the company that have the greatest impact.
According to a Ponemon Institute study, Nearly two-thirds of the attacks in 2010 resulted in losses anywhere from $250,000 to $2.5 million. That should be reason enough to make network security and encryption a top priority.
If you are not certain whether your company is doing everything it could to protect your data and your customers, contact Aurora for a security analysis today.
Get into contact with us;
*By Filling Out the Form Below
[contact-form-7 404 "Not Found"]